FBI Targets Online Account Data, Should Users Be Afraid?

Google has recently released new data in their transparency report showing an increase in government requests for users' data. We'll be taking a closer look as to why this information is crucial and why users should be wary of the increasing abuse of National Security Letters.

Google released additional data for its biennial transparency report showing an increase in government requests for users' data. Users should be wary of the government's increasing abuse of National Security Letters (NSLs).

Be Afraid of the FBI's National Security Letters To Google Companies usually can't disclose to their clients that the FBI demanded their user data via NSLs. Google, however, negotiated a deal with the Obama administration to publish a range, and not the specific number, of NSLs it received. Google received between zero and 999 NSLs in 2012 regarding 1,000 to 1,999 users/accounts, the company said on its Public Policy Blog.

Google broke out the kinds of requests and legal processes U.S. government entities use to force communications and technology companies to hand over user data about certain individuals.

What Exactly Do These Letters Do? NSLs are demand letters and very different from subpoenas. U.S. government agencies can issue NSLs without prior judicial review, as long as the contents in the letter are somehow related to national security issues. NSLs can only request non-content information, such as transactional records, phone numbers dialed, or email addresses the user has communicated with. These letters come with a lifelong gag order preventing the recipient company from ever disclosing the letter was even received.

The Department of Justice Inspector General reports tell a grim story on how these letters are used. FBI's use of NSLs increased drastically from 8,500 requests in 2000 to 47,000 in 2005, according to a March 2007 report. The trend continued upward, according to the 2008 report. In recent years, the FBI's use of such letters had become "routine, casual, and unsupervised," the IG's office wrote in a report in January 2010.

The FBI is allowed to access "the name, address, length of service, and local and long distance toll billing records" of a subscriber to a wire or electronic communication service, Google said in the report's expanded FAQ section. The FBI is not allowed access to Gmail content, YouTube videos, search queries, or user IP addresses, even though there have been instances of improper or illegal use of NSLs to obtain irrelevant information.

A Little History Lesson NSLs have been around since the 1980s, but the types of records that they could access were narrow and the information had to be related to foreign intelligence cases. There were no penalties for failing to comply with the request and there wasn't an enforcement mechanism. The Patriot Act expanded the circumstances under which NSLs could be used, resulting in an explosion of requests from the FBI.

This isn't the first time the excessive use of NSLs by the FBI has been brought to the public's attention. In January 2011, Twitter was ordered by federal prosecutors through a secret subpoena to hand over account data of the people involved with the WikiLeaks case. Twitter turned around and then challenged not only the subpoena, but the secrecy of it, and was granted the right to inform its users that their information was being requested by the government.

Nicholas Merrill, who was president of New York based Calyx Internet Access, received a NSL from the FBI in February 2004 demanding the records of one of his clients. He filed a lawsuit to challenge it and the demand was later dropped. Despite everything, Merrill was still under a gag order, prohibiting him from talking about the letter and the lawsuit in which he was involved in. After 6 years, Merrill was partially released from the gag order and was able to speak about the ordeal he was put through. However, he is still not allowed to publicly talk about the details of the letter he received.

Should You Be Scared? Unless you have been involved in matters that threaten national security, then probably not. However, it's good to be aware of these issues, especially since it involves the idea that the government could access your user data so easily. It goes to show how little users know about where their data is going and how often the government secretly demands it. If the FBI's use of these letters continue to increase, at some point there might be reason to worry. One thing that could happen is that NSLs will be used for smaller issues such as illegal downloading of music and movies, free online TV streaming, or anything along those lines.

By now including these letters in their transparency reports, Google has definitely taken the first step and paved the way for other technology and communications companies to provide similar reports.

About the Author

Jamie was previously an intern at PCMag and is now a writer for PCMag's AppScout blog. A senior at Ithaca College, NY, she is exploring the world of online writing, to which she brings her love for gaming and all things geeky. You can follow her on Twitter at: @JS_Cifuen.

Get Our Best Stories!

This newsletter may contain advertising, deals, or affiliate links. Subscribing to a newsletter indicates your consent to our Terms of Use and Privacy Policy. You may unsubscribe from the newsletters at any time.